Hands On Labs
Hands On Labs Courses:
A Denial-of-Service (DoS) attack is an attempt to make a machine or network resource unavailable to its users. It causes a network connectivity loss by bandwidth consumption or an overload of the victim's computer resources. There are many kinds of DoS attacks and they operate mostly at layers 3, 4 and 7 of the OSI model. IBM Security Network Protection (XGS), through its Protocol Analysis Module (PAM), is able to detect many of these attacks by parsing the protocols and monitoring the traffic as it passes through its inspection ports. Based on the behavior of the protocols and traffic, PAM is able to detect a specific event associated to these types of attacks and block it by dropping the offending packets and quarantining the attacker.
Course Code: SEC9860
The lab gives an overview of the available APIs that can be used to manage IBM Security Network Protection and send alerts to it.
The tasks in these exercises explain how the appliance uses the TLS/SSL protocol when traffic is encrypted to enforce network access rules and perform deep packet inspection. The appliance decrypts traffic going from a user-controlled network to the Internet (outbound SSL connection) differently from the traffic coming in from the Internet into a user-controlled network.
The majority of the policies are managed by SiteProtector, except a few where you must use the XGS browser interface called the local management interface (LMI).